标准编号:ISO/IEC 18043:2006
中文名称:信息技术-安全技术-入侵监测系统的选择,调配和操作
英文名称:Information technology — Security techniques — Selection, deployment and operations of intrusion detection systems
发布日期:2006-06
标准范围
This International Standard provides guidelines to assist organizations in preparing to deploy IntrusionDetection System (IDS). In particular, it addresses the selection, deployment and operations of IDS. It alsoprovides background information from which these guidelines are derived.This International Standard is intended to be helpful toa) an organization in satisfying the following requirements of ISO/IEC 27001:- The organization shall implement procedures and other controls capable of enabling promptdetection of and response to security incidents.- The organization shall execute monitoring and review procedures and other controls to properlyidentify attempted and successful security breaches and incidents.b) an organization in implementing controls that meet the following security objectives of ISO/IEC 17799:- To detect unauthorized information processing activities.- Systems should be monitored and information security events should be recorded. Operator logs andfault logging should be used to ensure information system problems are identified.- An organization should comply with all relevant legal requirements applicable to its monitoring andlogging activities.- System monitoring should be used to check the effectiveness of controls adopted and to verifyconformity to an access policy model.An organization should recognize that deploying IDS is not a sole and/or exhaustive solution to satisfy or meetthe above-cited requirements. Furthermore, this International Standard is not intended as criteria for any kindof conformity assessments, e.g., Information Security Management System (ISMS) certification, IDS servicesor products certification.
标准预览图
立即下载标准文件